| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2006-09-16 | Only interpret link state routing messages for the monitored carp interface. | Marco Pfatschbacher | |
| memcpy the if_msghdr to avoid alignment problems. OK hshoexer@, miod@, deraadt@ | |||
| 2006-09-12 | for apps which use interface groups, point to the section of | Jason McIntyre | |
| ifconfig(8) where they are explained; ok mcbride mpf henning | |||
| 2006-09-01 | Teach sasyncd to set isakmpd into active or passive mode, according | Marco Pfatschbacher | |
| to our current carp state. Based on a diff by ho@. OK ho@, hshoexer@, deraadt@ | |||
| 2006-08-31 | Add more SADB types to the filter: ACQUIRE, X_ASKPOLICY, REGISTER. | Marco Pfatschbacher | |
| While there put the message sieve into the more appropriate filter function. Pointed out by markus. OK ho@, markus@, hshoexer@, deraadt@ | |||
| 2006-08-31 | Only chroot the unprivileged part of sasyncd(8). | Marco Pfatschbacher | |
| OK deraadt@ mcbride@ hshoexer@ | |||
| 2006-08-30 | need to retry writing to pfkey socket on EAGAIN, ok theo | Henning Brauer | |
| 2006-06-03 | tweaks; | Jason McIntyre | |
| 2006-06-02 | whitespace cleanup, no binary change. | Moritz Jodeit | |
| 2006-06-02 | Make sasyncd fail back correctly with carp preemption enabled. | Ryan Thomas McBride | |
| Hold the carp demotion when booting, to prevent carp from preempting until we've sync'd with our peers. This adds a new CTL_ENDSNAP message to the exchange between the sasync daemons to indicate when the complete snapshot has been sent. Undemote after 60 seconds, or when recieve a CTL_ENDSNAP from all our peers. Syntax is slightly changed, removing the 'carp' keyword (so do "interface carp0" rather than "carp interface carp0". Adds 'group <ifgroup>', defaults to the 'carp' group. ok moritz@ | |||
| 2006-06-01 | Instead of polling the carp interface to detect a switch between MASTER and | Ryan Thomas McBride | |
| BACKUP, listen to the routing socket for link change messages. Based on a diff from nathanael at polymorpheous dot com. ok moritz@ | |||
| 2006-05-26 | let us not talk about ipsecadm and vpn anymore; ok reyk | Theo de Raadt | |
| 2006-04-16 | cleanup error handling to avoid two memleaks. found and ok pat@ | Moritz Jodeit | |
| 2006-03-31 | Plug memory leak on error path; ok ho@ moritz@ | Patrick Latifi | |
| 2006-02-15 | remove "the the" in comment; ok jmc@ | David Krause | |
| 2006-01-26 | fix some format strings and add a missing | Moritz Jodeit | |
| argument to a log_err() call. ok ho@ | |||
| 2006-01-20 | Don't depend on implicit include of signal.h | Todd C. Miller | |
| 2005-09-21 | IPSec -> IPsec | Jason McIntyre | |
| grammar from joel@ | |||
| 2005-09-11 | handle short read()'s. fixes transfer | Moritz Jodeit | |
| of very large SA/SPD snapshots. ok ho@ | |||
| 2005-07-19 | handle short reads/writes. this fixes the | Moritz Jodeit | |
| transfer of big SA/SPD snapshots. ok ho@ | |||
| 2005-07-09 | IP-address -> IP address; | Jason McIntyre | |
| from tamas tevesz; | |||
| 2005-07-07 | when reading of sadb/spd data fails don't call | Moritz Jodeit | |
| memset with a len of (unsigned)-1. ok ho@ | |||
| 2005-05-31 | minor tweaks; | Jason McIntyre | |
| 2005-05-28 | result not used; ok ho | Theo de Raadt | |
| 2005-05-28 | Optionally prevent syncing failover node-node SA/SPD info (master side). | Hakan Olsson | |
| 2005-05-27 | Update, also mention pfsync integration | Hakan Olsson | |
| 2005-05-27 | Keep sockaddr in syncpeer struct. | Hakan Olsson | |
| 2005-05-27 | Implement SPD (IPsec flow) snapshots. | Hakan Olsson | |
| 2005-05-26 | Document 'flushmode' | Hakan Olsson | |
| 2005-05-26 | add a 'flushmode' to control how the master handles FLUSH to slaves. tweak ↵ | Hakan Olsson | |
| some loglevels. | |||
| 2005-05-26 | check ppid | Hakan Olsson | |
| 2005-05-26 | disable SPD snapshot for now | Hakan Olsson | |
| 2005-05-26 | Initialize variables | Hakan Olsson | |
| 2005-05-26 | Don't alloc/free zero-sized SADB/SPD buffers. | Hakan Olsson | |
| 2005-05-24 | cleanup parser, permit more than one listener | Hakan Olsson | |
| 2005-05-24 | logging tweaks | Hakan Olsson | |
| 2005-05-24 | Now that all "other" SADB_DUMP fields are zero, we don't have fix it here. | Hakan Olsson | |
| 2005-05-24 | Remove some debugging cruft. | Hakan Olsson | |
| 2005-05-24 | When peers connect, have the master daemon look at in-kernel SAs and feed | Hakan Olsson | |
| these to the new peer. Adds privsep as fetching SADB and SPD kernel data requires privileges. | |||
| 2005-05-23 | wee fixes; | Jason McIntyre | |
| 2005-05-23 | Xr and whitespace fixes; | Jason McIntyre | |
| 2005-05-23 | Various logging fixes, handle peer disconnects better. | Hakan Olsson | |
| 2005-05-23 | add "listen on <interface name>" | Hakan Olsson | |
| 2005-05-23 | No more SSL. Make text somewhat clearer. | Hakan Olsson | |
| 2005-05-22 | No more SSL between peers, instead do shared key AES & SHA | Hakan Olsson | |
| 2005-05-22 | style nits | Hakan Olsson | |
| 2005-05-03 | setres[ug]id; ok deraadt@ | Damien Miller | |
| 2005-05-01 | typarella; from alexandre anriot; | Jason McIntyre | |
| 2005-05-01 | spelling | David Krause | |
| 2005-04-03 | yacc parser | Hakan Olsson | |
| 2005-04-03 | Cleanup. | Hakan Olsson | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |